[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 30475 Download | Alert*

Description: GNOME Desktop Manager can make the screen lock automatically whenever the user is idle for some amount of time. By using the lockdown mode in dconf, you can prevent users from changing specific settings. To lock down a dconf key or subpath, create a locks subdirectory in the keyfile directory. The files inside this directory contain a list of keys or subpaths to lock. Just as w ...

Description: GNOME Desktop Manager can make the screen lock automatically whenever the user is idle for some amount of time. Rationale: Setting a lock-out value reduces the window of opportunity for unauthorized user access to another user's session that has been left unattended. Fix: Edit or create the file /etc/dconf/db/local.d/00-screensaver and edi ...

Description: The `nodev` mount option specifies that the filesystem cannot contain special devices. Rationale: Since the /var filesystem is not intended to support devices, set this option to ensure that users cannot create a block or character special devices in /var . Audit: Verify that the `nodev` option is set if a `/var` partition exists.Run the following command and verify that nothing is re ...

Description: The `nosuid` mount option specifies that the filesystem cannot contain `setuid` files. Rationale: Setting this option on a file system prevents users from introducing privileged programs onto the system and allowing non-root users to execute them. Audit: Verify that the `nosuid` option is set if a `/var` partition exists.Run the following command and verify that nothing is returned:# ...

Description: The `nodev` mount option specifies that the filesystem cannot contain special devices. Rationale: Since the /var/log filesystem is not intended to support devices, set this option to ensure that users cannot create a block or character special devices in /var/log . Audit: Verify that the `nodev` option is set if a `/var` partition exists.Run the following command and verify that nothi ...

The noexec mount option specifies that the filesystem cannot contain executable binaries. Rationale: Since the /var/log filesystem is only intended for log files, set this option to ensure that users cannot run executable binaries from /var/log. Fix: Run the following command to remount /var/tmp: # mount -o remount,noexec /var/log Also add or edit entry for /va ...

Description: The `nosuid` mount option specifies that the filesystem cannot contain `setuid` files. Rationale: Setting this option on a file system prevents users from introducing privileged programs onto the system and allowing non-root users to execute them. Audit: Verify that the `nosuid` option is set if a `/var/log` partition exists.Run the following command and verify that nothing is returne ...

Description: The `nosuid` mount option specifies that the filesystem cannot contain `setuid` files. Rationale: Setting this option on a file system prevents users from introducing privileged programs onto the system and allowing non-root users to execute them. Audit: Verify that the `nosuid` option is set if a `/home` partition exists.Run the following command and verify that nothing is returned:# ...

Without reauthentication, users may access resources or perform tasks for which they do not have authorization.

Without reauthentication, users may access resources or perform tasks for which they do not have authorization.


Pages:      Start    18    19    20    21    22    23    24    25    26    27    28    29    30    31    ..   3047

© SecPod Technologies